Microsoft finds a way into Mac users’ secrets, helps fix the flaw


Microsoft has detailed a macOS flaw that could be exploited to bypass the security system and extract sensitive data from protected folders, including photos, location logs, face recognition data, search history, and more.

Normally, Apple user data is protected by the Transparency, Consent, and Control (TCC) system. However, Microsoft’s Threat Intelligence team discovered that Spotlight, Apple’s built-in search tool, can be targeted using malicious plugins, known as Spotlight importers, to bypass TCC.

Apple patched the flaw on March 31st, 2025, and systems running later versions of macOS should be immune to the vulnerability, which is labeled CVE-2025-31199. The vulnerability also affected unpatched iPads, iPhones, and other devices.


The researchers urge users to update macOS and other Apple devices if they haven’t already.

How does the exploit work?

Spotlight plugins, or importers, help further index data on a device. For example, the Outlook email app can index emails so that they appear in search results.

However, to index files, Spotlight plugins must also have privileged access to sensitive files. The Microsoft researchers found that Apple's restrictions on these plugins were insufficient, enabling attackers to exfiltrate the files' contents.


Local attackers or malicious apps can manipulate plugin files to declare what files they’re interested in and copy them unsigned into Spotlight’s directory. Then, they would use a command to force the search tool to load the plugins, scan files under the given paths, and leak them.
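A defender-side check for the plugin directory described above, added here as an example and not code from Microsoft's report or from Apple: it parses each .mdimporter bundle's Info.plist (the CFBundleDocumentTypes/LSItemContentTypes keys Spotlight importers use to declare which content types they handle) and flags importers that claim broad types covering almost any file. The ~/Library/Spotlight default path and the BROAD_UTIS watch-list are assumptions, the sample bundles are constructed in a temporary directory so the script runs offline, and a code-signature check (codesign on macOS) is deliberately left out so it runs on any platform.

```python
"""Inventory Spotlight importer bundles and flag overly broad content-type claims.
Constructed example; the default path and watch-list are assumptions."""
import plistlib
import tempfile
from pathlib import Path

# Assumed user-writable plugin location; adjust for /Library/Spotlight if needed.
DEFAULT_PLUGIN_DIR = Path.home() / "Library" / "Spotlight"
# Hypothetical watch-list: UTIs that match nearly every file Spotlight indexes.
BROAD_UTIS = {"public.data", "public.item", "public.content", "public.text"}

def declared_content_types(info_plist: dict) -> set:
    """Collect every UTI listed under CFBundleDocumentTypes/LSItemContentTypes."""
    utis = set()
    for doc_type in info_plist.get("CFBundleDocumentTypes", []):
        utis.update(doc_type.get("LSItemContentTypes", []))
    return utis

def audit_importer(bundle_path: Path) -> dict:
    """Read one .mdimporter bundle's Info.plist and summarise what it claims."""
    with open(bundle_path / "Contents" / "Info.plist", "rb") as fh:
        info = plistlib.load(fh)
    utis = declared_content_types(info)
    return {"bundle": bundle_path.name,
            "identifier": info.get("CFBundleIdentifier", "<none>"),
            "content_types": sorted(utis),
            "broad": sorted(utis & BROAD_UTIS)}

def audit_directory(plugin_dir: Path = DEFAULT_PLUGIN_DIR) -> list:
    """Audit every .mdimporter bundle in plugin_dir, in name order."""
    return [audit_importer(b) for b in sorted(plugin_dir.glob("*.mdimporter"))]

def make_sample_importer(root: Path, name: str, identifier: str, utis: list) -> Path:
    """Construct a minimal importer bundle on disk for offline demonstration."""
    contents = root / f"{name}.mdimporter" / "Contents"
    contents.mkdir(parents=True, exist_ok=True)
    plist = {"CFBundleIdentifier": identifier,
             "CFBundleDocumentTypes": [{"LSItemContentTypes": utis}]}
    with open(contents / "Info.plist", "wb") as fh:
        plistlib.dump(plist, fh)
    return contents.parent

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        make_sample_importer(Path(tmp), "Mail", "com.example.mail", ["com.example.mail-message"])
        make_sample_importer(Path(tmp), "Suspicious", "com.example.sus", ["public.data"])
        for f in audit_directory(Path(tmp)):
            flag = "BROAD" if f["broad"] else "ok"
            print(f"{flag:5} {f['bundle']:22} {f['identifier']:20} {','.join(f['content_types'])}")
```

Run it against the real directory with `audit_directory()` and review any bundle that is unexpected, unsigned, or flagged BROAD.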

“The calling app does not require TCC permissions to the indexed directory,” the researchers explain in a report.


“An attacker can trivially discover and read arbitrary files from sensitive directories normally protected by TCC.”

To demonstrate the flaw, the researchers developed a full proof-of-concept code dubbed “Sploitlight,” automating the process.

Similar TCC bypass exploits have been identified before, including “HM‑Surf” and “powerdir.” However, the competitor from Redmond believes that Sploitlight is more severe due to its ability to extract and leak sensitive information from Apple Intelligence.

Attackers can obtain:

  • Anything stored in the Downloads folder.
  • Precise geolocation data (GPS coordinates associated with photos and videos, time-stamped location history, reverse-geocoded addresses or place names).
  • Photo and video metadata (timestamps, device model, camera settings such as aperture, ISO, and shutter speed, paths to stored content).
  • Face and person recognition data (identified faces, sometimes linked to contact names if tagged, clustering of photos by recognized individuals).
  • Photos, videos, and related activities (photo albums and their contents, details including participants, screenshots, saved images, and shared content, event clustering such as birthdays or vacations, labels and categories generated by the Photos app).
  • Metadata of recently deleted photos and videos.
  • Search history and user preferences within the Photos app.

Other data is potentially at risk, too. Microsoft warns that an attacker with access to a user’s macOS device can determine information about other devices linked to their iCloud account and easily gain private data from other Apple Intelligence cached files, such as email summaries and notes written with ChatGPT.